Skip to content

Verify GitHub webhook signatures (+ replay protection) #23

Description

@nisshchayarathi

Summary
Harden /api/webhooks/github by verifying signatures and rejecting replayed events.

Acceptance criteria

  • Signature is validated against a secret.
  • Replayed delivery IDs are rejected for a configurable TTL.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions